From: Milan Broz
Date: Thu, 06 Aug 2009 09:46:59 +0200
Subject: Re: [dm-crypt] cryptsetup with arc4 cipher
To: Sebastian Andrzej Siewior
Cc: dm-crypt@saout.de, Stelios Bounanos, linux-crypto@vger.kernel.org
Message-ID: <4A7A8A73.706@redhat.com>
In-Reply-To: <20090805203017.GA5875@Chamillionaire.breakpoint.cc>
References: <87zlaf3zl0.wl@obsidian.enotty.net> <4A7984A7.40109@redhat.com> <20090805203017.GA5875@Chamillionaire.breakpoint.cc>

Sebastian Andrzej Siewior wrote:
> Don't use this as a block cipher in dm-crypt, it is a bad idea.
>
> The long story:
> ARC4 is a stream cipher and not a block cipher. Its internal state is
> reset in setkey() and every crypto request (encrypt/decrypt doesn't
> matter) updates the internal state of the stream cipher. That's why you
> get a different result every time you read the same block.
>
> If you want to use this stream cipher in dm-crypt you would have to
> set it up in ECB mode and use a key like "passphrase-IV". You have to
> set this key before a request and wait until it's done until you
> issue another crypto request (which includes setkey).

Yes, I understand why this happens. I do not want to use a stream cipher,
but apparently users will do that :-)

My question was why crypto allows this setting?
Or maybe what to do in dm-crypt to not allow the user to set such a cipher
mapping (because it cannot produce anything useful).

IMHO it will not work even in ECB mode here for dm-crypt.
(Also dm-crypt uses its own IV function generators, but that is another story.)

> CBC will not work because one of its requirements is that the cipher
> provides an inverse function which ARC4 simply does not have.

Again, why does the crypto API allow using it and not produce an error then?

Milan
--
mbroz@redhat.com
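
An added example, not part of the message above and not kernel or dm-crypt code: a toy ARC4 in C that models the behaviour described in the quoted text (state reset only in setkey, advanced by every request) and compares reading a sector back with the key set once against setting a "passphrase-IV" key before each request. The names `read_back` and `SECTOR`, the 16-byte sector, and the sample key are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define SECTOR 16 /* constructed tiny "sector" for the demo */
struct arc4_ctx { uint8_t S[256]; uint8_t i, j; };
/* Key schedule: the only place the internal state is reset. */
static void arc4_setkey(struct arc4_ctx *c, const uint8_t *key, size_t len)
{
    uint8_t j = 0, t;
    for (int k = 0; k < 256; k++) c->S[k] = (uint8_t)k;
    for (int k = 0; k < 256; k++) {
        j = (uint8_t)(j + c->S[k] + key[k % len]);
        t = c->S[k]; c->S[k] = c->S[j]; c->S[j] = t;
    }
    c->i = c->j = 0;
}

/* Encrypt == decrypt: XOR with the next keystream bytes, advancing the state. */
static void arc4_crypt(struct arc4_ctx *c, uint8_t *buf, size_t len)
{
    for (size_t n = 0; n < len; n++) {
        uint8_t t;
        c->j = (uint8_t)(c->j + c->S[++c->i]);
        t = c->S[c->i]; c->S[c->i] = c->S[c->j]; c->S[c->j] = t;
        buf[n] ^= c->S[(uint8_t)(c->S[c->i] + c->S[c->j])];
    }
}

/* Write a sector, read it back twice. rekey=1 sets a "passphrase-IV" key before
 * each request. Returns bit 0 = reads agree, bit 1 = first read == plaintext. */
int read_back(int rekey, unsigned sector)
{
    struct arc4_ctx c;
    uint8_t key[32], plain[SECTOR], disk[SECTOR], r1[SECTOR], r2[SECTOR];
    size_t klen = (size_t)snprintf((char *)key, sizeof key, "passphrase-%u", sector);
    memset(plain, 'A', SECTOR); memcpy(disk, plain, SECTOR);
    arc4_setkey(&c, key, klen); arc4_crypt(&c, disk, SECTOR);   /* write */
    memcpy(r1, disk, SECTOR); memcpy(r2, disk, SECTOR);
    if (rekey) arc4_setkey(&c, key, klen);
    arc4_crypt(&c, r1, SECTOR);                                 /* read 1 */
    if (rekey) arc4_setkey(&c, key, klen);
    arc4_crypt(&c, r2, SECTOR);                                 /* read 2 */
    return (memcmp(r1, r2, SECTOR) == 0) | ((memcmp(r1, plain, SECTOR) == 0) << 1);
}

int main(void)
{
    printf("key set once: %d, setkey per request: %d\n", read_back(0, 7), read_back(1, 7));
    return 0;
}
```

With the key set once, the two reads of the same ciphertext disagree and neither returns the plaintext; with setkey before every request the sector round-trips. Per-request keying restores only the round trip: every rewrite of a sector still reuses the same keystream.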